Lucene search

[email protected]CVE-2020-3512

HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3512

2020-09-2418:15:21

CWE-400

CWE-388

[email protected]

web.nvd.nist.gov

cisco

profinet

vulnerability

lldp

dos

nvd

cve-2020-3512

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Affected configurations

NVD

Node

ciscoios_xeMatch15.2\(7\)e

AND

ciscocatalyst_3650-12x48uqMatch-

ciscocatalyst_3650-12x48urMatch-

ciscocatalyst_3650-12x48uzMatch-

ciscocatalyst_3650-24pdMatch-

ciscocatalyst_3650-24pdmMatch-

ciscocatalyst_3650-48fqmMatch-

ciscocatalyst_3650-8x24uqMatch-

ciscocatalyst_3850-24xsMatch-

ciscocatalyst_3850-48xsMatch-

ciscocatalyst_3850-nm-2-40gMatch-

ciscocatalyst_3850-nm-8-10gMatch-

ciscocatalyst_c9200-24pMatch-

ciscocatalyst_c9200-24tMatch-

ciscocatalyst_c9200-48pMatch-

ciscocatalyst_c9200-48tMatch-

ciscocatalyst_c9200l-24p-4gMatch-

ciscocatalyst_c9200l-24p-4xMatch-

ciscocatalyst_c9200l-24pxg-2yMatch-

ciscocatalyst_c9200l-24pxg-4xMatch-

ciscocatalyst_c9200l-24t-4gMatch-

ciscocatalyst_c9200l-24t-4xMatch-

ciscocatalyst_c9200l-48p-4gMatch-

ciscocatalyst_c9200l-48p-4xMatch-

ciscocatalyst_c9200l-48pxg-2yMatch-

ciscocatalyst_c9200l-48pxg-4xMatch-

ciscocatalyst_c9200l-48t-4gMatch-

ciscocatalyst_c9200l-48t-4xMatch-

ciscocatalyst_c9300-24pMatch-

ciscocatalyst_c9300-24sMatch-

ciscocatalyst_c9300-24tMatch-

ciscocatalyst_c9300-24uMatch-

ciscocatalyst_c9300-24uxMatch-

ciscocatalyst_c9300-48pMatch-

ciscocatalyst_c9300-48sMatch-

ciscocatalyst_c9300-48tMatch-

ciscocatalyst_c9300-48uMatch-

ciscocatalyst_c9300-48unMatch-

ciscocatalyst_c9300-48uxmMatch-

ciscocatalyst_c9300l-24p-4gMatch-

ciscocatalyst_c9300l-24p-4xMatch-

ciscocatalyst_c9300l-24t-4gMatch-

ciscocatalyst_c9300l-24t-4xMatch-

ciscocatalyst_c9300l-48p-4gMatch-

ciscocatalyst_c9300l-48p-4xMatch-

ciscocatalyst_c9300l-48t-4gMatch-

ciscocatalyst_c9300l-48t-4xMatch-

ciscocatalyst_c9404rMatch-

ciscocatalyst_c9407rMatch-

ciscocatalyst_c9410rMatch-

ciscocatalyst_c9500-12qMatch-

ciscocatalyst_c9500-16xMatch-

ciscocatalyst_c9500-24qMatch-

ciscocatalyst_c9500-24y4cMatch-

ciscocatalyst_c9500-32cMatch-

ciscocatalyst_c9500-32qcMatch-

ciscocatalyst_c9500-40xMatch-

ciscocatalyst_c9500-48y4cMatch-

ciscoconnected_grid_switch_2520Match-

ciscoess_2020Match-

ciscoess_3300Match-

ciscoie-1000Match-

ciscoie-2000u-16tc-gMatch-

ciscoie-2000u-16tc-g-xMatch-

ciscoie-2000u-16tc-gpMatch-

ciscoie-2000u-4s-gMatch-

ciscoie-2000u-4t-gsMatch-

ciscoie-2000u-4ts-gMatch-

ciscoie-2000u-8tc-gMatch-

ciscoie-3000Match-

ciscoie-3010-16s-8pc_industrial_ethernet_switchMatch-

ciscoie-3010-24tc_industrial_ethernet_switchMatch-

ciscoie-3200-8p2s-eMatch-

ciscoie-3200-8t2s-eMatch-

ciscoie-3300-8p2s-aMatch-

ciscoie-3300-8p2s-eMatch-

ciscoie-3300-8t2s-aMatch-

ciscoie-3300-8t2s-eMatch-

ciscoie-3300-8t2x-aMatch-

ciscoie-3300-8t2x-eMatch-

ciscoie-3300-8u2x-aMatch-

ciscoie-3300-8u2x-eMatch-

ciscoie-3400-8p2s-aMatch-

ciscoie-3400-8p2s-eMatch-

ciscoie-3400-8t2s-aMatch-

ciscoie-3400-8t2s-eMatch-

ciscoie-4000-16gt4g-eMatch-

ciscoie-4000-16t4g-eMatch-

ciscoie-4000-4gc4gp4g-eMatch-

ciscoie-4000-4gs8gp4g-eMatch-

ciscoie-4000-4s8p4g-eMatch-

ciscoie-4000-4t4p4g-eMatch-

ciscoie-4000-4tc4g-eMatch-

ciscoie-4000-8gs4g-eMatch-

ciscoie-4000-8gt4g-eMatch-

ciscoie-4000-8gt8gp4g-eMatch-

ciscoie-4000-8s4g-eMatch-

ciscoie-4000-8t4g-eMatch-

ciscoie-4010-16s12p_industrial_ethernet_switchMatch-

ciscoie-4010-4s24p_industrial_ethernet_switchMatch-

ciscoie-5000-12s12p-10gMatch-

ciscoie-5000-16s12pMatch-

ciscoie_2000-16ptc-g_industrial_ethernet_switchMatch-

ciscoie_2000-16t67_industrial_ethernet_switchMatch-

ciscoie_2000-16t67p_industrial_ethernet_switchMatch-

ciscoie_2000-16tc-g-e_industrial_ethernet_switchMatch-

ciscoie_2000-16tc-g-n_industrial_ethernet_switchMatch-

ciscoie_2000-16tc-g-x_industrial_ethernet_switchMatch-

ciscoie_2000-16tc-g_industrial_ethernet_switchMatch-

ciscoie_2000-16tc_industrial_ethernet_switchMatch-

ciscoie_2000-24t67_industrial_ethernet_switchMatch-

ciscoie_2000-4s-ts-g_industrial_ethernet_switchMatch-

ciscoie_2000-4t-g_industrial_ethernet_switchMatch-

ciscoie_2000-4t_industrial_ethernet_switchMatch-

ciscoie_2000-4ts-g_industrial_ethernet_switchMatch-

ciscoie_2000-4ts_industrial_ethernet_switchMatch-

ciscoie_2000-8t67_industrial_ethernet_switchMatch-

ciscoie_2000-8t67p_industrial_ethernet_switchMatch-

ciscoie_2000-8tc-g-e_industrial_ethernet_switchMatch-

ciscoie_2000-8tc-g-n_industrial_ethernet_switchMatch-

ciscoie_2000-8tc-g_industrial_ethernet_switchMatch-

ciscoiem-3300-14t2sMatch-

ciscoiem-3300-16pMatch-

ciscoiem-3300-16tMatch-

ciscoiem-3300-4mu-2Match-

ciscoiem-3300-6t2sMatch-

ciscoiem-3300-8pMatch-

ciscoiem-3300-8sMatch-

ciscoiem-3300-8tMatch-

ciscoiem-3400-8pMatch-

ciscoiem-3400-8sMatch-

ciscoiem-3400-8tMatch-

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq15.2\(7\)e

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	15.2\(7\)e

CNA Affected

[
  {
    "product": "Cisco IOS ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Related for CVE-2020-3512

nessus2 cisco1 nvd1 cvelist1 prion1